[CODE]
2010-12-01,16:46:41
SysLog Scanner 3.1 - build 20100608
Arswp (http://www.arswp.com)
Windows XP Professional Service Pack 2 (build 2600)
================================================================
注册项
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    [(Verified)PPStream Inc, 1, 0, 11, 296]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <"C:\WINDOWS\system32\WatchData\Watchdata CCB CSP v3.2\WDCertM_CCB.exe"> [ Beijing WatchData System Co., Ltd., 3, 2, 0, 0]
    <"C:\Program Files\Rising\RAV\RSTRAY.EXE" -system> [(Verified)Beijing Rising Information Technology Co., Ltd., 23.0.0.8]
    <"C:\Program Files\Rising\RFW\RSTRAY.EXE" -system> [(Verified)Beijing Rising Information Technology Co., Ltd., 23.0.0.8]
    <360Safetray> <"C:\Program Files\360\360Safe\safemon\360Tray.exe" /start> [(Verified)360.cn, 7, 3, 1, 1026]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify]
    [(Verified)ATI Technologies Inc., 6.14.10.4177]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components]
    <{44BBA842-CC51-11CF-AAFA-00AA00B6015B}> [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | (Verified)Microsoft Corporation, 7.00.5730.13 (longhorn(wmbla).070711-1130) | (Verified)N/A]
    <{6BF52A52-394A-11d3-B153-00C04F79FAA6}> [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | (Verified)Microsoft Corporation, 7.00.5730.13 (longhorn(wmbla).070711-1130) | (Verified)N/A]
    <{89B4C1CD-B018-4511-B0A1-5476DBF70820}> [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions]
    <{95B3F550-91C4-4627-BCC4-521288C52977}> [(Verified)PPLive Corporation, 2, 3, 0, 4]
================================================================
启动组
================================================================
任务计划
================================================================ 组件 -------------------------------- Shell Extension [Display Panning CPL Extension] <{42071714-76d4-11d1-8b24-00a0c9068ff3}> [] [HyperTerminal Icon Ext] <{88895560-9AA2-1069-930E-00AA0030EBC8}> [(Verified)Hilgraeve, Inc., 5.1.2600.0] [任务栏和「开始」菜单] <{0DF44EAA-FF21-4412-828E-260A8728E7F1}> <> [] [ShellLink for Application References] <{e82a2d71-5b2f-43a0-97b8-81be15854de8}> [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)] [Catalyst Context Menu extension] <{5E2121EE-0300-11D4-8D3B-444553540000}> [Advanced Micro Devices, Inc., 6.14.10.2001] [WinRAR shell extension] <{B41DB860-8EE4-11D2-9906-E49FADC173CA}> [N/A] [YouKuDesktop Shell Extension] <{BF11148E-D2A6-4506-8CD3-651F34B31984}> [(Verified)Youku.com, 2.1.0.1029] [Shell Extensions for RealOne Player] <{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4}> [(Verified)RealNetworks, Inc., 1.0.2.772] -------------------------------- ToolBar [瑞星卡卡工具条(&R)] <{DB9ECD4F-FB8F-4311-B3CE-90B976C2707C}> [(Verified)Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 6] -------------------------------- Protocols [Cor MIME Filter, CorFltr, CorFltr 1] <{1E66F26B-79EE-11D2-8710-00C04F79ED0D}> [Microsoft Corporation, 2.0.50727.832 (QFE.050727-8300)] [] <{6AC4FBC7-AA38-45EC-9634-D6D20B679EFC}> [(Verified)N/A] -------------------------------- Context Menu [iku2] <{BF11148E-D2A6-4506-8CD3-651F34B31984}> [(Verified)Youku.com, 2.1.0.1029] [QvodMenu] <{9F44453E-1E46-4D5C-B57C-112FF2EDAE82}> [(Verified)Shenzhen QVOD Technology Co.,Ltd, 3, 0, 0, 0] [RisingKaKaExt] <{356B11FA-929F-4eb7-8B26-D7E3184DDD16}> [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.1] [RisingRavExt] <{1C7593CB-C1CC-4BA7-BE52-8EEA47F9CB1D}> [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 3] [WinRAR] <{B41DB860-8EE4-11D2-9906-E49FADC173CA}> [N/A] [ACE] <{5E2121EE-0300-11D4-8D3B-444553540000}> [Advanced Micro Devices, Inc., 6.14.10.2001] -------------------------------- 
BrowserHelperObject [卡卡上网安全助手] <{98B7C13A-E9CD-4959-8B46-FBEAB41E42A8}> [(Verified)Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 28] [SafeMon Class] <{B69F34DD-F0F9-42DC-9EDD-957187DA688D}> [(Verified)360.cn, 6, 7, 8, 1001] [ICBC Anti-Phishing class] <{BB4491A2-D11A-4c6b-91C0-B53246A3122B}> [(Verified)中国工商银行, 1.0.6.29] -------------------------------- ActiveX Extension [Web Browser Applet Control] <{08B0E5C0-4FCB-11CF-AAA5-00401C608501}> [Microsoft Corporation, 5.00.3810] [NetPlayer Class] <{1051BC6C-02E5-44F9-91B7-463FCB96C6D2}> [PowerCOM Software Ltd, 4, 0, 6, 27] [KuGoo3Down Control] <{162AF25B-5A2A-448E-A842-194653EF3E05}> [(Verified)N/A] [InfoScan Control] <{1F14548F-6975-40F1-AE24-6E2D1D449B2F}> [CCB, 1, 0, 0, 1] [GDGetTokenInfo Class] <{3AA9CF07-DF20-48FF-98BE-DED276E40146}> [Copyright 2007, 1, 0, 0, 2] [Thunder Agent Class] <{485463B7-8FB2-4B3B-B29B-8B919B0EACCE}> [(Verified)深圳市迅雷网络技术有限公司, 5,9,20,1418] [CAntiVersion Object] <{5EFE0AA6-B28B-41BD-9B3C-02AA3F79EA9A}> [(Verified)中国工商银行, 1.0.5.27] [Access UserInfo by Script] <{6EE9CD3E-A386-4DAE-9737-A759DBF927AE}> [(Verified)深圳市迅雷网络技术有限公司, 1.0.1.2] [AxInputControl Class] <{73E4740C-08EB-4133-896B-8D0A7C9EE3CD}> [Copyright 2003, 1, 0, 0, 13] [MediaComm Class] <{7670648D-461B-42AF-BDFE-46D26AF5EFF2}> [(Verified)深圳市迅雷网络技术有限公司, 3, 1, 7, 83] [GDGetVer Class] <{7CCE07A5-A590-4554-B5C3-082840D7012E}> [(Verified)Copyright 2010, 1, 0, 0, 2] [Peer Adapter] <{80E18282-3716-48CA-B50C-F7B7F6A32791}> <> [] [360SafeLive] <{87515F61-A66C-4319-A0E0-D416CB8059E3}> [(Verified)360.cn, 1, 0, 0, 1009] [AxSubmitControl Class] <{8D9E0B29-563C-4226-86C1-5FF2AE77E1D2}> [Copyright 2003, 1, 0, 0, 6] [SSOForPTLogin Class] <{8FC1EE75-72B3-4A23-B987-2B1C4C8A611B}> [(Verified)(c) Tencent Co. Ltd. 
All rights reserved., 1, 0, 1, 4] [卡卡上网安全助手] <{98B7C13A-E9CD-4959-8B46-FBEAB41E42A8}> [(Verified)Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 28] [DapCtrl Class] <{ACACC6EB-1FBA-4E13-A729-53AEB2DF54F8}> [(Verified)ShenZhen Thunder Networking Technologies Ltd., 2, 3, 5927, 310] [InfoSecICBCNetSign Class] <{B1FBC1AD-5644-4084-882A-0F8BA85E7506}> [(Verified)Infosec Technologies Co., Ltd., 1, 0, 75, 5] [SafeMon Class] <{B69F34DD-F0F9-42DC-9EDD-957187DA688D}> [(Verified)360.cn, 6, 7, 8, 1001] [ICBC Anti-Phishing class] <{BB4491A2-D11A-4C6B-91C0-B53246A3122B}> [(Verified)中国工商银行, 1.0.6.29] [ActiveX Class] <{C3D8F2C7-A508-4724-BC3A-C247058D17EB}> [PowerCOM Software Ltd., 4.0.6.30] [WDCCBCtrl Class] <{CE0460F5-48BD-4DC1-A046-0BDCB5A06CEB}> [(Verified)Copyright 2007, 1, 0, 0, 7] [RealPlayer G2 Control] <{CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA}> [(Verified)RealNetworks, Inc., 6.0.10.1022] [Shockwave Flash Object] <{D27CDB6E-AE6D-11CF-96B8-444553540000}> [(Verified)Adobe Systems, Inc., 10,1,102,64] [KuAgent2 Class] <{D928E486-C465-4A64-976D-F3B24BBECC69}> [(Verified)Youku.com, 2.1.0.1029] [瑞星卡卡工具条(&R)] <{DB9ECD4F-FB8F-4311-B3CE-90B976C2707C}> [(Verified)Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 6] [TimwpDll.TimwpCheck] <{ED4CA2E5-0EEA-44C1-AD7E-74A07A7507A4}> [(Verified)Tencent, 1, 50, 1720, 0] [PPLive Lite Class] <{EF0D1A14-1033-41A2-A589-240C01EDC078}> [(Verified)Copyright 2008, 1, 1, 0, 14] [QvodCtrl Class] <{F3D0D36F-23F8-4682-A195-74C92B03D4AF}> [(Verified)Shenzhen QVOD Technology Co.,Ltd, 3, 5, 0, 64] ================================================================ 服务 [ATI Smart / ATI Smart][Stopped/Manual Start] [Copyright (C) 1998 - 2007 ATI Technologies Inc., 5.13.0027] [Human Interface Device Access / HidServ][Stopped/Disabled] <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\hidserv.dll"> [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [ServiceLayer / ServiceLayer][Stopped/Manual Start] 
<"C:\Program Files\PC Connectivity Solution\ServiceLayer.exe"> [Nokia, 7, 0, 135, 0] [STI Simulator / STI Simulator][Running/Auto Start] [N/A] [WatchData ccb V3.2 / WDMonitorCCB][Running/Auto Start] [ Beijing WatchData System Co., Ltd., 3, 2, 0, 0] [Ati HotKey Poller / Ati HotKey Poller][Stopped/Manual Start] <%SystemRoot%\system32\Ati2evxx.exe> [(Verified)ATI Technologies Inc., 6.14.10.4218] [ES lite Service for program management. / ES lite Service][Stopped/Manual Start] <"C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE"> [(Verified)N/A] [ICBC Daemon Service / ICBC Daemon Service][Stopped/Auto Start] [(Verified)N/A] [Rsd Service / RsMgrSvc][Running/Auto Start] <"C:\Program Files\Rising\RSD\RsMgrSvc.exe"> [(Verified)Beijing Rising Information Technology Co., Ltd., 1.0.0.13] [Rav Service / RsRavMon][Running/Auto Start] <"C:\Program Files\Rising\RAV\RavMonD.exe"> [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 12] [RFW Service / RsRFWMon][Running/Auto Start] <"C:\Program Files\Rising\RFW\RavMonD.exe"> [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 12] [主动防御 / ZhuDongFangYu][Running/Auto Start] <"C:\Program Files\360\360Safe\deepscan\zhudongfangyu.exe"> [(Verified)360.cn, 3, 2, 2, 1002] ================================================================ 驱动 [a320raid / a320raid][Stopped/Boot Start] [Adaptec, Inc., v1.02.063] [AAC / AAC][Stopped/Boot Start] [Adaptec, Inc., 4.1.0.7244] [aar1210 / aar1210][Stopped/Boot Start] [Adaptec, Inc., v1.00.07] [adpu320 / adpu320][Stopped/Boot Start] [Adaptec, Inc., 3.0.000.000 built by: WinDDK] [ACARD AEC6210UF UltraDMA33 Controller / aec6210][Stopped/Boot Start] [ACARD Technology Corp., 5.0.4.3] [ACARD AEC6260 UltraDMA-66 Controller / aec6260][Stopped/Boot Start] [ACARD Technology Corp., 1.1.4.12] [aec6280 / aec6280][Stopped/Boot Start] [ACARD Technology Corp., 1, 0, 5, 4] [AEC6290 / AEC6290][Stopped/Boot Start] [ACARD Technology Corp., 1, 0, 5, 4] [AEC67160 / AEC67160][Stopped/Boot Start] 
[ACARD Technology Corp., 1.01] [AEC671X / AEC671X][Stopped/Boot Start] [ACARD Technology Corp., 5.22] [AEC6880 / AEC6880][Stopped/Boot Start] [ACARD Technology Corp., 2.10] [AEC6890 / AEC6890][Stopped/Boot Start] [ACARD Technology Corp., 2.10] [aec68x5 / aec68x5][Stopped/Boot Start] [ACARD Technology Corp., 1.053] [AMD K8 Processor Driver / AmdK8][Stopped/Manual Start] [Microsoft Corporation, 6.0.5112.0 (winmain_beta1.050720-1600)] [arc / arc][Stopped/Boot Start] [Adaptec, Inc., 5.2.0.6586 (NT.050205-1730)] [cpuz132 / cpuz132][Stopped/Manual Start] <\??\C:\WINDOWS\system32\drivers\cpuz132_x32.sys> [Windows (R) Codename Longhorn DDK provider, 6.0.6000.16386 built by: WinDDK] [elxstor / elxstor][Stopped/Boot Start] [Emulex, 5-1.11M0 5/6/2005 WS2K3 32 bit (NT.050404-1245)] [ENTECH / ENTECH][Stopped/Manual Start] <\??\C:\WINDOWS\system32\DRIVERS\ENTECH.sys> [EnTech Taiwan, 1.0] [FASTSX / FASTSX][Stopped/Boot Start] [Promise Technology, Inc., 1.02.0000.9] [fasttrak / fasttrak][Stopped/Boot Start] [Promise Technology, Inc., 2.00.0.34] [fasttx2k / fasttx2k][Stopped/Boot Start] [Promise Technology, Inc., 1.00.0.37] [fasttx2k2 / fasttx2k2][Stopped/Boot Start] [Promise Technology, Inc., 1.00.0.23] [HpCISSs / HpCISSs][Stopped/Boot Start] [Hewlett-Packard Company, 5.11.0.32 Build 2 (x86) (NT.050205-1730)] [Hpt366 / Hpt366][Stopped/Boot Start] [Microsoft Corporation, 4.00] [HPT371 / HPT371][Stopped/Boot Start] [HighPoint Technologies, Inc., v1.22] [hpt374 / hpt374][Stopped/Boot Start] [HighPoint Technologies, Inc., v3.03] [hpt3xx / hpt3xx][Stopped/Boot Start] [HighPoint Technologies, Inc., v2.351] [hptmv / hptmv][Stopped/Boot Start] [HighPoint Technologies, Inc., v1.04] [hptpro / hptpro][Stopped/Boot Start] [HighPoint Technologies, Inc., 1.23.12.10] [Intel Integrated RAID / iaStor][Stopped/Boot Start] [Intel Corporation, 4.7.0.6815] [iirsp / iirsp][Stopped/Boot Start] [Intel Corp./ICP vortex GmbH, 5.4.22.0] [ITERAID_Service_Install / iteraid][Stopped/Boot Start] [Integrated 
Technology Express, Inc., v1.6.1.8] [LSI_SAS / LSI_SAS][Stopped/Boot Start] [LSI Logic, 1.20.19.95 (NT.050715-1210)] [LSI_SCSI / LSI_SCSI][Stopped/Boot Start] [LSI Logic, 1.20.19.95 (NT.050715-1210)] [m5228 / m5228][Stopped/Boot Start] [ALi Corporation., 5.024] [m5281 / m5281][Stopped/Boot Start] [ALi Corporation, 5.024] [MegaIDE / MegaIDE][Stopped/Boot Start] [LSI Logic Corporation., 4.1.0709.2003] [megasas / megasas][Stopped/Boot Start] [LSI Logic Corporation, 1.1.0.32 (NT.050205-1730)] [mraid2k / mraid2k][Stopped/Boot Start] [American Megatrends, Inc., 5.20] [nfrd960 / nfrd960][Stopped/Boot Start] [IBM Corporation, 7.10.53 (NT.050205-1730)] [Intel SCSI Controller / NvAtaBus][Stopped/Boot Start] [NVIDIA Corporation, 5.10.2600.0507 built by: WinDDK] [NVIDIA nForce(tm) RAID Class Driver / nvraid][Stopped/Boot Start] [NVIDIA Corporation, 5.10.2600.0507 built by: WinDDK] [SoC PC-Camera Beta3 / PAC207][Stopped/Manual Start] [0.0.3.52] [PNP649R / PNP649R][Stopped/Boot Start] [CMD Technology, Inc., 1, 0, 0, 0] [SiI 680 ATA Controller / Pnp680][Stopped/Boot Start] [Silicon Image, Inc., 1, 0, 0, 12] [Silicon Image SiI 0680 Medley Raid Controller / Pnp680r][Stopped/Boot Start] [Silicon Image, Inc, 1, 0, 1, 7] [QLogic Fibre Channel SCSI Miniport Driver / ql2300][Stopped/Boot Start] [QLogic Corporation, 9.0.0.7 (w32)] [RAIDSRC / RAIDSRC][Stopped/Boot Start] [Intel/ICP, 5.3.15] [S150SX8 / S150SX8][Stopped/Boot Start] [Promise Technology, Inc., 1.00.0.51] [SiI-3512 SATALink Controller / SI3112][Stopped/Boot Start] [Silicon Image, Inc., 1, 1, 0, 52] [Silicon Image SiI 3512 SATARaid Controller / SI3112r][Stopped/Boot Start] [Silicon Image, Inc, 1, 0, 0, 40] [SiI-3114 SATALink Controller / SI3114][Stopped/Boot Start] [Silicon Image, Inc., 1, 2, 0, 5] [SiI-3114 SATARaid Controller / SI3114r][Stopped/Boot Start] [Silicon Image, Inc, 1, 0, 0, 1] [SiI-3124 SATALink Controller / SI3124][Stopped/Boot Start] [Silicon Image, Inc., 1, 0, 0, 7] [SiI-3124 SATARaid Controller / 
SI3124r][Stopped/Boot Start] [Silicon Image, Inc, 1, 0, 0, 2] [SATALink driver accelerator / SiFilter][Stopped/Boot Start] [Silicon Image, Inc., 1.0.0.8] [SISIDE / SISIDE][Stopped/Boot Start] [Silicon Integrated Systems Corp., 2.04.00.00 built by: WinDDK] [SiSRaid / SiSRaid][Stopped/Boot Start] [Silicon Integrated Systems, 5.1.1039.1050 built by: WinDDK] [SiSRaid1 / SiSRaid1][Stopped/Boot Start] [Silicon Integrated Systems, 5.1.1039.1050 built by: WinDDK] [SISRAIDS / SISRAIDS][Stopped/Boot Start] [Silicon Integrated Systems Corp, 2.01.00] [sptrak / sptrak][Stopped/Boot Start] [Promise Technology, Inc., 1.10 Build 41] [SYMMPI / SYMMPI][Stopped/Boot Start] [LSI Logic, 1.10.00.00 built by: WinDDK] [TCP/IP Protocol Driver / Tcpip][Running/System Start] [Microsoft Corporation, 5.1.2600.3394 (xpsp_sp2_gdr.080620-1245)] [UlSata / UlSata][Stopped/Boot Start] [Promise Technology, Inc., 1.00.0.27] [ULSATAS / ULSATAS][Stopped/Boot Start] [Promise Technology, Inc., 1.00.0.25] [viamraid / viamraid][Stopped/Boot Start] [VIA Technologies inc,.ltd, 5.1.2600.310] [VIA ATA/ATAPI Host Controller / viapdsk][Stopped/Boot Start] [VIA Technologies, Inc., 5.1.2600.104] [viaraid / viaraid][Stopped/Boot Start] [VIA Technologies inc,.ltd, 5.1.2600.210] [viasraid / viasraid][Stopped/Boot Start] [VIA Technologies inc,.ltd, 5.1.2600.220] [vmscsi / vmscsi][Stopped/Boot Start] [VMware, Inc., 1, 2, 0, 0] [360mipan / 360mipan][Stopped/Manual Start] <\??\C:\WINDOWS\system32\drivers\360mipan.sys> [(Verified)360, 1.0.0.1003] [360netmon / 360netmon][Running/System Start] <\??\C:\WINDOWS\system32\drivers\360netmon.sys> [(Verified)360.cn, 2.1.6.1019] [360SelfProtection / 360SelfProtection][Running/System Start] [(Verified)360安全中心, 1, 0, 0, 1052] [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Stopped/Manual Start] [(Verified)Intel Corporation, 5.10.3523 built by: WinDDK] [AliIde / AliIde][Running/Boot Start] [(Verified)Acer Laboratories Inc., 1.20] [AMD HwPState Processor Driver / 
AmdPPM][Running/System Start] [(Verified)Advanced Micro Devices, 1.0.0 built by: WinDDK] [asc / asc][Stopped/Boot Start] [(Verified)Advanced System Products, Inc., 2.9I-MS (XPClient.010817-1148)] [asc3550 / asc3550][Stopped/Boot Start] [(Verified)Advanced System Products, Inc., 3.1E-MS (XPClient.010817-1148)] [ati2mtag / ati2mtag][Running/Manual Start] [(Verified)ATI Technologies Inc., 6.14.10.6903] [ATI Function Driver for HDMI Service / AtiHdmiService][Running/Manual Start] [(Verified)ATI Research Inc., 5.00.50000.08] [AtpKrnl / AtpKrnl][Running/Manual Start] [(Verified)www.arswp.com, 3.00] [BAPIDRV / BAPIDRV][Running/System Start] <\??\C:\WINDOWS\system32\drivers\BAPIDRV.SYS> [(Verified)360.cn, 1.0.0.1019] [CmdIde / CmdIde][Running/Boot Start] [(Verified)CMD Technology, Inc., 2.0.7 (XPClient.010817-1148)] [dac2w2k / dac2w2k][Stopped/Boot Start] [(Verified)Mylex Corporation, 6.00-21 (XPClient.010817-1148)] [EfiSystemMon / EfiMon][Running/System Start] [(Verified)奇虎网, 1, 0, 0, 1007] [VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver / FETNDIS][Stopped/Manual Start] [(Verified)VIA Technologies, Inc. 
, 2.66] [gdrv / gdrv][Stopped/Manual Start] <\??\C:\WINDOWS\gdrv.sys> [(Verified)Windows (R) 2000 DDK provider, 5.00.2195.1620] [Microsoft 用于 High Definition Audio 的 UAA 总线驱动程序 / HDAudBus][Running/Manual Start] [(Verified)Windows (R) Server 2003 DDK provider, 5.10.01.5013 built by: WinDDK] [HookPort / HookPort][Running/Boot Start] [(Verified)360安全中心, 1, 0, 0, 1017] [hooksys / hooksys][Running/System Start] <\??\C:\WINDOWS\system32\drivers\Hooksys.sys> [(Verified)Beijing Rising Information Technology Co., Ltd., 25, 0, 0, 30] [HookTdi / HookTdi][Running/System Start] <\??\C:\WINDOWS\system32\drivers\HookTdi.sys> [(Verified)Beijing Rising Information Technology Co., Ltd., 25.0.0.14] [HyperVM / HyperVM][Running/System Start] <\??\C:\WINDOWS\system32\drivers\hvm.sys> [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 4] [Service for Realtek HD Audio (WDM) / IntcAzAudAddService][Running/Manual Start] [(Verified)Realtek Semiconductor Corp., 5.10.0.5780 built by: WinDDK] [mraid35x / mraid35x][Stopped/Boot Start] [(Verified)American Megatrends Inc., 6.19 (XPClient.010817-1148)] [Nokia USB Phone Parent / nmwcd][Stopped/Manual Start] [(Verified)Nokia, 7.1.30.52] [Nokia USB Generic / nmwcdc][Stopped/Manual Start] [(Verified)Nokia, 7.1.30.52] [nv / nv][Stopped/Manual Start] [(Verified)NVIDIA Corporation, 6.14.10.5673] [PCCS Mode Change Filter Driver / pccsmcfd][Stopped/Manual Start] [(Verified)Nokia, 7.0.0.0] [Direct Parallel Link Driver / Ptilink][Running/Manual Start] [(Verified)Parallel Technologies, Inc., 1.10 (XPClient.010817-1148)] [ql1080 / ql1080][Stopped/Boot Start] [(Verified)QLogic Corporation, 3.04] [ql12160 / ql12160][Stopped/Boot Start] [(Verified)QLogic Corporation, 7.13.02 (W64)] [ql1280 / ql1280][Stopped/Boot Start] [(Verified)QLogic Corporation, 7.13.01 (W2K)] [Quantum DeepScanner Servers / qutmdserv][Running/System Start] <\??\C:\WINDOWS\system32\drivers\qutmdrv.sys> [(Verified)360.cn, 6.7.0.1006] [qutmipc / qutmipc][Running/System Start] 
<\??\C:\WINDOWS\system32\drivers\qutmipc.sys> [(Verified)360安全中心, 6.6.0.1006] [Rising RfwARP Driver / RFWARP][Running/Auto Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 25.0.0.1] [Rising RfwNdis Driver / RFWNDIS][Running/Manual Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 25.0.0.4] [rfwtdi / rfwtdi][Running/Auto Start] <\??\C:\Program Files\Rising\RFW\rfwtdi.sys> [(Verified)Beijing Rising Information Technology Co., Ltd., 25.0.0.6] [rsfwdrv / rsfwdrv][Running/Auto Start] <\??\C:\Program Files\Rising\RFW\rsfwdrv.sys> [(Verified)Beijing Rising Information Technology Co., Ltd., 25.0.0.14] [Service for HDMI / RTHDMIAzAudService][Stopped/Manual Start] [(Verified)Realtek Semiconductor Corp., 5.10.0.5766 built by: WinDDK] [Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver / RTLE8023xp][Running/Manual Start] [(Verified)Realtek Semiconductor Corporation , 5.708.1030.2008 built by: WinDDK] [SafeBoxAnti / SafeBoxAnti][Running/System Start] <\??\C:\WINDOWS\system32\drivers\AntiDrv.sys> [(Verified)360.cn, 4.0.0.1005] [Secdrv / Secdrv][Stopped/Manual Start] [(Verified)Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K., 4.03.086] [Sparrow / Sparrow][Stopped/Boot Start] [(Verified)Adaptec, Inc., v2.0a (ReleaseBinaries.001205-1804)] [symc810 / symc810][Stopped/Boot Start] [(Verified)Symbios Logic Inc., 5.1.2409.1 (ReleaseBinaries.001205-1804)] [symc8xx / symc8xx][Stopped/Boot Start] [(Verified)LSI Logic, 5.1.2409.1 (ReleaseBinaries.001205-1804)] [sym_hi / sym_hi][Stopped/Boot Start] [(Verified)LSI Logic, 5.1.2462.0 (Lab01_N.010309-0027)] [sym_u3 / sym_u3][Stopped/Boot Start] [(Verified)LSI Logic, 5.1.2462.0 (Lab01_N.010309-0027)] [ultra / ultra][Stopped/Boot Start] [(Verified)Promise Technology, Inc., 1.43 (第 0603 版)] [upperdev / upperdev][Stopped/Manual Start] [(Verified)Nokia, 7.1.30.52] [UsbserFilt / UsbserFilt][Stopped/Manual Start] [(Verified)Nokia, 7.1.30.52] 
================================================================ 活动进程 [PID: 1180 / SYSTEM] \??\C:\WINDOWS\system32\winlogon.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] C:\WINDOWS\system32\Ati2evxx.dll [(Verified)ATI Technologies Inc., 6.14.10.4177] [PID: 1224 / SYSTEM] C:\WINDOWS\system32\services.exe [(Verified)Microsoft Corporation, 5.1.2600.3520 (xpsp_sp2_qfe.090206-1239)] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 1236 / SYSTEM] C:\WINDOWS\system32\lsass.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 1420 / SYSTEM] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 1488 / NETWORK SERVICE] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] C:\WINDOWS\system32\ikutm.dll [(Verified)youku.com, 0, 9, 8, 4] [PID: 1612 / SYSTEM] C:\Program Files\Rising\RSD\RsMgrSvc.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 1.0.0.13] C:\Program Files\Rising\RSD\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23.0.0.4] C:\Program Files\Rising\RSD\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23.0.0.1] [PID: 1624 / SYSTEM] C:\Program Files\Rising\RAV\RavMonD.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 12] C:\Program Files\Rising\RAV\combase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 11] C:\Program 
Files\Rising\RAV\rsconf.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23.0.0.4] C:\Program Files\Rising\RAV\scansrvp.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23.0.0.12] C:\Program Files\Rising\RAV\cnt09.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 1] C:\Program Files\Rising\RAV\moncomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23.0.0.3] C:\Program Files\Rising\RAV\MonBase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 1] C:\Program Files\Rising\RAV\Rslog.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23.0.0.19] C:\Program Files\Rising\RAV\RsStore.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 11] C:\Program Files\Rising\RAV\mondrvd.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 11] C:\Program Files\Rising\RAV\defmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 57] C:\Program Files\Rising\RAV\moncom08.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23.0.0.2] C:\Program Files\Rising\RAV\taskplug.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23.0.0.2] C:\Program Files\Rising\RAV\mondrvm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 8] C:\Program Files\Rising\RAV\MonRule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 31] C:\Program Files\Rising\RAV\FileMon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 32] C:\Program Files\Rising\RAV\MailMon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 54] C:\Program Files\Rising\RAV\rsindent.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23.0.1.0] C:\Program Files\Rising\RAV\cnt08.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 1] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] 
C:\Program Files\Rising\RAV\proccomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23.0.0.1] C:\Program Files\Rising\RAV\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23.0.0.4] C:\Program Files\Rising\RAV\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23.0.0.1] C:\Program Files\Rising\RAV\Hooksys.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 25, 0, 0, 8] C:\Program Files\Rising\RAV\ProcCom.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20] C:\Program Files\Rising\RAV\RsCommX2.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20] C:\Program Files\Rising\RAV\rstask.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 7] C:\Program Files\Rising\RAV\rsstub.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23.0.0.1] C:\Program Files\Rising\RAV\rslang.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23.0.0.1] C:\Program Files\Rising\RAV\hookTdi.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 25, 0, 0, 9] C:\Program Files\Rising\RAV\BACore.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 33] C:\Program Files\Rising\RAV\recomp.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 12] C:\Program Files\Rising\RAV\refs.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 3] C:\Program Files\Rising\RAV\viruslib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 2] C:\Program Files\Rising\RAV\relibldr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 1] C:\Program Files\Rising\RAV\rsnetsvr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23.0.0.12] C:\Program Files\Rising\RAV\bawhite.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 5] C:\Program Files\Rising\RAV\ScanAdd.dll [(Verified)Beijing Rising Information Technology Co., 
Ltd., 23.0.0.31] C:\Program Files\Rising\RAV\Scanner.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 68] C:\WINDOWS\system32\ikutm.dll [(Verified)youku.com, 0, 9, 8, 4] C:\Program Files\Rising\RAV\ScanSrv.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 17] C:\Program Files\Rising\RAV\scanpe.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 26] C:\Program Files\Rising\RAV\pearc.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 7] C:\Program Files\Rising\RAV\engext.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 6] C:\Program Files\Rising\RAV\ffr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 2] C:\Program Files\Rising\RAV\nvfile.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 7] C:\Program Files\Rising\RAV\scantj.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 9] C:\Program Files\Rising\RAV\vmicore.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 15] C:\Program Files\Rising\RAV\extsfx.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 8] C:\Program Files\Rising\RAV\scanexec.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 5] C:\Program Files\Rising\RAV\unexe.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 0] C:\Program Files\Rising\RAV\scanex.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 7] C:\Program Files\Rising\RAV\ur029.dat [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 2] C:\Program Files\Rising\RAV\extarch.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 8] C:\Program Files\Rising\RAV\extcomp.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 4] C:\Program Files\Rising\RAV\scansct.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 1] 
C:\Program Files\Rising\RAV\extole.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 0] C:\Program Files\Rising\RAV\ScanRavT.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23.0.0.64] C:\Program Files\Rising\RAV\ScanBT.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 95] C:\Program Files\Rising\RAV\ScanStub.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 26] C:\Program Files\Rising\RAV\ur025.dat [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 1] C:\Program Files\Rising\RAV\urutils.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 6] C:\Program Files\Rising\RAV\ur023.dat [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 2] [PID: 1640 / SYSTEM] C:\Program Files\Rising\RFW\RavMonD.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 12] C:\Program Files\Rising\RFW\combase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 11] C:\Program Files\Rising\RFW\cnt09.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 1] C:\Program Files\Rising\RFW\MonBase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 1] C:\Program Files\Rising\RFW\MonComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23.0.0.3] C:\Program Files\Rising\RFW\rsconf.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23.0.0.4] C:\Program Files\Rising\RFW\rfwlog.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23.0.0.6] C:\Program Files\Rising\RFW\rfwrule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.1] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4] C:\Program Files\Rising\RFW\rfwsrv.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23.0.0.78] C:\Program Files\Rising\RFW\Syslay.dll 
[(Verified)Beijing Rising Information Technology Co., Ltd., 23.0.0.1] C:\Program Files\Rising\RFW\mPorts.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23.0.0.7] C:\Program Files\Rising\RFW\rfwdrvc.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23.0.0.0] C:\Program Files\Rising\RFW\fishweb.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 22] C:\Program Files\Rising\RFW\rsindent.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23.0.1.0] C:\Program Files\Rising\RFW\taskplug.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23.0.0.2] C:\Program Files\Rising\RFW\proccomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23.0.0.1] C:\Program Files\Rising\RFW\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23.0.0.4] C:\Program Files\Rising\RFW\Rfwdrv.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 25.0.0.5] C:\Program Files\Rising\RFW\RfwArp.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 25.0.0.1] C:\Program Files\Rising\RFW\urlrule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23.0.0.2] C:\Program Files\Rising\RFW\recomp.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 12] C:\Program Files\Rising\RFW\refs.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 3] C:\Program Files\Rising\RFW\viruslib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 2] C:\Program Files\Rising\RFW\relibldr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 1] C:\Program Files\Rising\RFW\rfwproxy.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 65] C:\WINDOWS\system32\ikutm.dll [(Verified)youku.com, 0, 9, 8, 4] C:\Program Files\Rising\RFW\rslang.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23.0.0.1] C:\Program Files\Rising\RFW\fwfish.dll [(Verified)Beijing Rising Information Technology 
Co., Ltd., 23, 0, 0, 4] C:\Program Files\Rising\RFW\fwcomp.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 11] C:\Program Files\Rising\RFW\fwfs.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 5] C:\Program Files\Rising\RFW\fwvirlib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 5] C:\Program Files\Rising\RFW\fwlibldr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 3] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] C:\Program Files\Rising\RFW\rstask.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 7] C:\Program Files\Rising\RFW\rsstub.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23.0.0.1] C:\Program Files\Rising\RFW\urllib.dll [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 1] [PID: 1712 / SYSTEM] C:\WINDOWS\System32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] C:\WINDOWS\System32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] C:\WINDOWS\system32\ikutm.dll [(Verified)youku.com, 0, 9, 8, 4] C:\WINDOWS\System32\msi.dll [Microsoft Corporation, 4.5.6001.22159] [PID: 1816 / SYSTEM] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 1956 / NETWORK SERVICE] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] C:\WINDOWS\system32\ikutm.dll [(Verified)youku.com, 0, 9, 8, 4] [PID: 172 / SYSTEM] C:\Program Files\360\360Safe\deepscan\zhudongfangyu.exe [(Verified)360.cn, 3, 2, 2, 1002] C:\Program Files\360\360Safe\SoftMgr\360SoftMgrS.dll [(Verified)360.cn, 2, 1, 6, 1070] C:\Program 
Files\360\360Safe\deepscan\CloudCom2.dll [(Verified)360.cn, 3, 2, 5, 5102] C:\Program Files\360\360Safe\deepscan\heavygate.dll [360.cn, 3, 6, 21, 0] C:\Program Files\360\360Safe\deepscan\qutmload.dll [(Verified)360安全中心, 6, 7, 0, 1002] [PID: 640 / SYSTEM] C:\WINDOWS\System32\PAStiSvc.exe [N/A] [PID: 656 / SYSTEM] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 680 / SYSTEM] C:\WINDOWS\system32\WatchData\Watchdata CCB CSP v3.2\WDKeyMonitorCCB.exe [ Beijing WatchData System Co., Ltd., 3, 2, 0, 0] C:\WINDOWS\system32\WatchData\Watchdata CCB CSP v3.2\wdkmgr.dll [Watchdata, 2, 1, 1, 40] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 1568 / new] C:\WINDOWS\Explorer.EXE [(Verified)Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] C:\WINDOWS\Ku6Kss.dll [(Verified)酷6网(北京)信息技术有限公司, 2, 0, 0, 1] C:\WINDOWS\system32\msi.dll [Microsoft Corporation, 4.5.6001.22159] C:\Program Files\360\360Safe\safemon\safemon.dll [(Verified)360.cn, 6, 7, 8, 1001] F:\Winrar3.91破解版\rarext.dll [N/A] C:\Program Files\360\360Safe\Utils\shell360ext.dll [(Verified)360.cn, 7, 5, 0, 1001] C:\WINDOWS\system32\ravext.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 3] C:\WINDOWS\system32\KakaExt.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.1] C:\Program Files\QvodPlayer\QvodBand.dll [(Verified)Shenzhen QVOD Technology Co.,Ltd, 3, 0, 0, 0] C:\Program Files\YouKu\common\YoukuDesktop.dll [(Verified)Youku.com, 2.1.0.1029] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll [Advanced Micro Devices, Inc., 6.14.10.2001] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiamchs.dll [Advanced Micro Devices, Inc., 
6.14.10.2001] [PID: 1764 / new] C:\WINDOWS\system32\rundll32.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] C:\WINDOWS\Ku6Kss.dll [(Verified)酷6网(北京)信息技术有限公司, 2, 0, 0, 1] C:\WINDOWS\system32\Macromed\Flash\Flash10l.ocx [(Verified)Adobe Systems, Inc., 10,1,102,64] C:\WINDOWS\system32\mscoree.dll [Microsoft Corporation, 2.0.50727.832 (QFE.050727-8300)] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorie.dll [Microsoft Corporation, 2.0.50727.832 (QFE.050727-8300)] C:\Program Files\Common Files\PPLiveNetwork\kernel\VAProxyD.dll [(Verified)PPLive Corporation, 2, 0, 0, 14] [PID: 1988 / new] C:\WINDOWS\system32\WatchData\Watchdata CCB CSP v3.2\WDCertM_CCB.exe [ Beijing WatchData System Co., Ltd., 3, 2, 0, 0] C:\WINDOWS\system32\WatchData\Watchdata CCB CSP v3.2\TokenMgr.dll [ Beijing WatchData System Co., Ltd., 3, 6, 3, 2] C:\WINDOWS\system32\WatchData\Watchdata CCB CSP v3.2\WDAlg.DLL [ Beijing WatchData System C0., Ltd., 3, 5, 12, 20] C:\WINDOWS\system32\WatchData\Watchdata CCB CSP v3.2\wdkmgr.dll [Watchdata, 2, 1, 1, 40] C:\WINDOWS\system32\WatchData\Watchdata CCB CSP v3.2\WDPKCS.dll [ Beijing WatchData System Co., Ltd., 3, 6, 2, 15] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] C:\WINDOWS\system32\WatchData\Watchdata CCB CSP v3.2\WDEvent.dll [ Beijing WatchData System Co., Ltd., 3, 2, 5, 0] C:\Program Files\Common Files\PPLiveNetwork\kernel\VAProxyD.dll [(Verified)PPLive Corporation, 2, 0, 0, 14] [PID: 1996 / new] C:\Program Files\Rising\RAV\RSTRAY.EXE [(Verified)Beijing Rising Information Technology Co., Ltd., 23.0.0.8] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] C:\Program Files\Rising\RAV\comserv.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23.0.0.13] C:\Program Files\Rising\RAV\rslang.dll [(Verified)Beijing 
Rising Information Technology Co., Ltd., 23.0.0.1] C:\Program Files\Rising\RAV\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23.0.0.4] C:\Program Files\Rising\RAV\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23.0.0.1] C:\Program Files\Rising\RAV\ProcComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23.0.0.1] C:\Program Files\Rising\RAV\rsxml.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23.0.0.2] C:\Program Files\Rising\RAV\MonState.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2] C:\Program Files\Rising\RAV\ScanEvnt.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23.0.0.10] C:\Program Files\Rising\RAV\rsguilib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23.0.0.11] C:\Program Files\Rising\RAV\rsconf.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23.0.0.4] C:\Program Files\Rising\RAV\rspalvd.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23.0.0.7] C:\Program Files\Rising\RAV\mruleui.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 10] C:\Program Files\Rising\RAV\MonTray.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23.0.0.71] C:\Program Files\Rising\RAV\rsmginfo.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23.0.0.5] C:\Program Files\Rising\RAV\UsbServ.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 3] C:\Program Files\Rising\RAV\ScanTray.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23.0.0.48] C:\Program Files\Rising\RAV\PngDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 3] C:\Program Files\Rising\RAV\dfw.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23.0.0.63] C:\Program Files\Rising\RAV\ScanPrxy.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23.0.0.30] C:\Program Files\Rising\RAV\GCompt.dll [(Verified)Beijing 
Rising Information Technology Co., Ltd., 23.0.0.46] C:\Program Files\Rising\RAV\RavScrCh.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23.0.0.4] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4] C:\WINDOWS\system32\ikutm.dll [(Verified)youku.com, 0, 9, 8, 4] [PID: 2004 / new] C:\Program Files\Rising\RFW\RSTRAY.EXE [(Verified)Beijing Rising Information Technology Co., Ltd., 23.0.0.8] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] C:\Program Files\Rising\RFW\comserv.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23.0.0.13] C:\Program Files\Rising\RFW\rslang.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23.0.0.1] C:\Program Files\Rising\RFW\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23.0.0.4] C:\Program Files\Rising\RFW\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23.0.0.1] C:\Program Files\Rising\RFW\ProcComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23.0.0.1] C:\Program Files\Rising\RFW\rsxml.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23.0.0.2] C:\Program Files\Rising\RFW\MonState.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2] C:\Program Files\Rising\RFW\rfwrule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.1] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4] C:\Program Files\Rising\RFW\rsconf.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23.0.0.4] C:\Program Files\Rising\RFW\rspalvd.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23.0.0.7] C:\Program Files\Rising\RFW\rsguilib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23.0.0.11] C:\Program Files\Rising\RFW\rsnetsvr.dll [(Verified)Beijing 
Rising Information Technology Co., Ltd., 23.0.0.12] C:\Program Files\Rising\RFW\rsmginfo.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23.0.0.5] C:\Program Files\Rising\RFW\rfwtray.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 40] C:\Program Files\Rising\RFW\rfwlog.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23.0.0.6] C:\Program Files\Rising\RFW\PngDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 3] C:\WINDOWS\system32\ikutm.dll [(Verified)youku.com, 0, 9, 8, 4] C:\Program Files\Rising\RAV\RavScrCh.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23.0.0.4] [PID: 1892 / new] C:\Program Files\360\360Safe\safemon\360Tray.exe [(Verified)360.cn, 7, 3, 1, 1026] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] C:\Program Files\360\360Safe\ipc\ipcservice.dll [(Verified)360.CN, 6, 7, 5, 1002] C:\Program Files\360\360Safe\ipc\fileMgr.dll [(Verified)360.cn, 6, 7, 5, 1002] C:\Program Files\360\360Safe\ipc\yhregd.dll [(Verified)360.cn, 6, 7, 5, 1001] C:\Program Files\360\360Safe\ipc\appd.dll [(Verified)360.cn, 6, 7, 5, 1004] C:\Program Files\360\360Safe\safemon\360compro.dll [(Verified)360安全中心, 6, 2, 0, 1011] C:\Program Files\360\360Safe\safemon\360webpro.dll [(Verified)360.CN, 1, 3, 1, 1032] C:\Program Files\360\360Safe\safemon\360traylive.dll [(Verified)360安全中心, 7, 0, 0, 1003] C:\Program Files\360\360Safe\safemon\360procmon.dll [(Verified)360.CN, 6, 5, 5, 1033] C:\Program Files\360\360Safe\safemon\SelfProtectAPI2.dll [(Verified)360.CN, 6, 5, 5, 1030] C:\Program Files\360\360Safe\safemon\360SafeCamera.tpi [(Verified)360.cn, 1, 0, 0, 1010] C:\Program Files\360\360Safe\safemon\360safemonpro.tpi [(Verified)360.cn, 1, 3, 3, 1001] C:\Program Files\360\360Safe\safemon\netm.tpi [(Verified)360.cn, 2, 1, 3, 1128] C:\Program Files\360\360Safe\safemon\netmon.tpi [(Verified)360.cn, 2, 1, 5, 1125] C:\Program 
Files\360\360Safe\safemon\obTracer.tpi [(Verified)360.cn, 6, 6, 0, 1004] C:\WINDOWS\system32\ikutm.dll [(Verified)youku.com, 0, 9, 8, 4] C:\Program Files\360\360Safe\deepscan\qutmload.dll [(Verified)360安全中心, 6, 7, 0, 1002] C:\Program Files\360\360Safe\ipc\qutmipc.dll [(Verified)360.cn, 6, 5, 3, 1004] C:\Program Files\360\360Safe\deepscan\BAPI.dll [(Verified)360.cn, 2.0.0.1005] C:\Program Files\360\360Safe\SafeLive.dll [(Verified)360.cn, 1, 0, 0, 1009] C:\Program Files\360\360Safe\pdown.dll [(Verified)360.cn, 1, 2, 0, 1025] C:\Program Files\360\360Safe\360Common.dll [(Verified)360.cn, 7, 3, 0, 1014] C:\Program Files\360\360Safe\safemon\safemon.dll [(Verified)360.cn, 6, 7, 8, 1001] C:\Program Files\360\360Safe\safemon\urlproc.dll [(Verified)360.cn, 1, 2, 8, 1001] C:\Program Files\360\360Safe\safemon\urlprocnet.dll [(Verified)360.cn, 1, 2, 3, 1002] C:\Program Files\360\360Safe\deepscan\heavygate.dll [360.cn, 3, 6, 21, 0] C:\Program Files\360\360Safe\360ver.dll [(Verified)奇虎网, 7, 6, 0, 1001] C:\Program Files\360\360Safe\netmon\360netctrl.dll [(Verified)360.cn, 2, 1, 5, 1124] C:\Program Files\360\360Safe\deepscan\Cloudcom2.dll [(Verified)360.cn, 3, 2, 5, 5102] C:\Program Files\360\360Safe\ipc\PatchCheck.dll [(Verified)360.cn, 1, 1, 0, 1006] C:\Program Files\360\360Safe\LiveUpd360.dll [(Verified)360.cn, 1, 2, 0, 1047] C:\Program Files\360\360Safe\360net.dll [(Verified)奇虎网, 1, 1, 18, 1021] C:\Program Files\360\360Safe\360P2SP.dll [(Verified)360.cn, 1, 3, 0, 1010] C:\Program Files\360\360Safe\efiproc.dll [(Verified)奇虎360安全卫士, 1, 0, 0, 1005] C:\Program Files\360\360Safe\deepscan\deepscan.dll [(Verified)360.cn, 3, 2, 5, 5041] C:\Program Files\360\360Safe\Deepscan\ave\ave.dll [(Verified)360安全中心, 3, 1, 0, 1002] C:\Program Files\360\360Safe\deepscan\360MalwareSection.dll [(Verified)360.cn, 3, 2, 3, 8004] [PID: 2024 / new] C:\WINDOWS\system32\ctfmon.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] C:\WINDOWS\system32\UxTheme.dll [Microsoft 
Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] C:\Program Files\Common Files\PPLiveNetwork\kernel\VAProxyD.dll [(Verified)PPLive Corporation, 2, 0, 0, 14] [PID: 2924 / LOCAL SERVICE] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] C:\WINDOWS\system32\ikutm.dll [(Verified)youku.com, 0, 9, 8, 4] [PID: 2292 / SYSTEM] C:\WINDOWS\system32\spoolsv.exe [(Verified)Microsoft Corporation, 5.1.2600.3740 (xpsp_sp2_gdr.100817-1639)] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 2148 / new] C:\Program Files\QQ2010\Bin\QQ.exe [(Verified)Tencent, 1, 50, 1720, 0] C:\Program Files\QQ2010\Bin\Common.dll [(Verified)Tencent, 1, 50, 1720, 0] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_473666fd\ATL80.DLL [Microsoft Corporation, 8.00.50727.4053] C:\Program Files\QQ2010\Bin\KernelUtil.dll [(Verified)Tencent, 1, 50, 1720, 0] C:\Program Files\QQ2010\Bin\GF.dll [(Verified)Tencent, 1, 50, 1720, 0] C:\Program Files\QQ2010\Bin\xGraphic32.dll [(Verified)Tencent, 1, 50, 1720, 0] C:\Program Files\QQ2010\Bin\AFUtil.dll [(Verified)Tencent, 1, 50, 1720, 0] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] C:\Program Files\360\360Safe\safemon\safemon.dll [(Verified)360.cn, 6, 7, 8, 1001] C:\Program Files\QQ2010\Bin\LoginPanel.dll [(Verified)Tencent, 1, 50, 1720, 0] C:\Program Files\360\360Safe\safemon\iNetSafe.dll [(Verified)360.cn, 1, 0, 1, 1002] C:\Program Files\360\360Safe\safemon\AppFltr.dll [(Verified)(C) 360.cn Inc. 
All Rights Reserved, 1, 0, 0, 1001] C:\Program Files\QQ2010\Bin\IM.dll [(Verified)Tencent, 1, 50, 1720, 0] C:\Program Files\QQ2010\Bin\TaskTray.dll [(Verified)Tencent, 1, 50, 1720, 0] C:\Program Files\QQ2010\Bin\AppUtil.dll [(Verified)Tencent, 1, 50, 1720, 0] C:\Program Files\QQ2010\Bin\TXPFProxy.dll [(Verified)Tencent, 1, 50, 1720, 0] C:\Program Files\QQ2010\Bin\BasicCtrlDll.dll [(Verified)TENCENT, 8,0,773,1801] C:\Program Files\QQ2010\Bin\MainFrame.dll [(Verified)Tencent, 1, 50, 1720, 0] C:\Program Files\QQ2010\Bin\AppFramework.dll [(Verified)Tencent, 1, 50, 1720, 0] C:\Program Files\QQ2010\Bin\SkinMgr.dll [(Verified)Tencent, 1, 50, 1720, 0] C:\Program Files\QQ2010\Plugin\Com.Tencent.PayCenter\Bin\PayCenter.dll [(Verified)Tencent, 1, 50, 1720, 0] C:\Program Files\QQ2010\Plugin\Com.Tencent.QQVipMisc\Bin\QQVipMisc.dll [(Verified)Tencent, 1, 50, 1720, 0] C:\Program Files\QQ2010\Plugin\Com.Tencent.NetBar\Bin\NetBar.dll [(Verified)Tencent, 1, 50, 1720, 0] C:\Program Files\QQ2010\Plugin\Com.Tencent.VAS\Bin\VAS.dll [(Verified)Tencent, 1, 50, 1720, 0] C:\Program Files\QQ2010\Plugin\Com.Tencent.Wireless\Bin\Wireless.dll [(Verified)Tencent, 1, 50, 1720, 0] C:\Program Files\QQ2010\Plugin\Com.Tencent.PaiPaiGift\Bin\PaiPaiGift.dll [(Verified)Tencent, 1, 50, 1720, 0] C:\Program Files\QQ2010\Plugin\Com.Tencent.QQShow\Bin\QQShow.dll [(Verified)Tencent, 1, 50, 1720, 0] C:\Program Files\QQ2010\Plugin\Com.Tencent.Qzone\Bin\Qzone.dll [(Verified)Tencent, 1, 50, 1720, 0] C:\Program Files\QQ2010\Plugin\Com.Tencent.CRM\Bin\CRM.dll [(Verified)Tencent, 1, 50, 1720, 0] C:\Program Files\QQ2010\Plugin\Com.Tencent.AudioVideo\Bin\AudioVideo.dll [(Verified)Tencent, 1, 50, 1720, 0] C:\Program Files\QQ2010\Plugin\Com.Tencent.Soso\Bin\Soso.dll [(Verified)Tencent, 1, 50, 1720, 0] C:\Program Files\QQ2010\Plugin\Com.Tencent.Weather\Bin\Weather.dll [(Verified)Tencent, 1, 50, 1720, 0] C:\Program Files\QQ2010\Plugin\Com.Tencent.Advertisement\Bin\Advertisement.dll [(Verified)Tencent, 1, 50, 1720, 0] 
C:\Program Files\QQ2010\Plugin\Com.Tencent.Memo\Bin\Memo.dll [(Verified)Tencent, 1, 50, 1720, 0] C:\Program Files\QQ2010\Plugin\Com.Tencent.QQVip\Bin\QQVip.dll [(Verified)Tencent, 1, 50, 1720, 0] C:\Program Files\QQ2010\Plugin\Com.Tencent.MMOG\Bin\MMOG.dll [(Verified)Tencent, 1, 50, 1720, 0] C:\Program Files\QQ2010\Plugin\Com.Tencent.QQGame\Bin\QQGame.dll [(Verified)Tencent, 1, 50, 1720, 0] C:\Program Files\QQ2010\Plugin\Com.Tencent.QQMusic\Bin\QQMusic.dll [(Verified)Tencent, 1, 50, 1720, 0] C:\Program Files\QQ2010\Plugin\Com.Tencent.Mail\Bin\Mail.dll [(Verified)Tencent, 1, 50, 1720, 0] C:\Program Files\QQ2010\Plugin\Com.Tencent.QQShow\Bin\FlashAvatarDll.dll [(Verified)Tencent, 1.50.1720.0] C:\Program Files\QQ2010\Plugin\Com.Tencent.PaiPai\Bin\PaiPai.dll [(Verified)Tencent, 1, 50, 1720, 0] C:\Program Files\QQ2010\Plugin\Com.Tencent.SNSApp\Bin\SNSApp.dll [(Verified)Tencent, 1, 50, 1720, 0] C:\Program Files\QQ2010\Plugin\Com.Tencent.QQLive\Bin\QQLive.dll [(Verified)Tencent, 1, 50, 1720, 0] C:\Program Files\QQ2010\Plugin\Com.Tencent.WenWen\Bin\WenWen.dll [(Verified)Tencent, 1, 50, 1720, 0] C:\Program Files\QQ2010\Plugin\Com.Tencent.QQPet\Bin\QQPet.dll [(Verified)Tencent, 1, 50, 1720, 0] C:\Program Files\QQ2010\Plugin\Com.Tencent.QBar\Bin\QBar.dll [(Verified)Tencent, 1, 50, 1720, 0] C:\Program Files\QQ2010\Plugin\Com.Tencent.qqwebsite\Bin\qqwebsite.dll [(Verified)Tencent, 1, 50, 1720, 0] C:\Program Files\QQ2010\Plugin\Com.Tencent.bookmark\Bin\bookmark.dll [(Verified)Tencent, 1, 50, 1720, 0] C:\Program Files\Common Files\Tencent\TXSSO\Bin\SSOPlatform.dll [(Verified)Tencent, 1.2.1.10] C:\Program Files\Common Files\Tencent\TXSSO\Bin\SSOCommon.DLL [(Verified)Tencent, 1.2.1.6] C:\WINDOWS\system32\ikutm.dll [(Verified)youku.com, 0, 9, 8, 4] C:\Program Files\QQ2010\Bin\AFCtrl.dll [(Verified)Tencent, 1, 50, 1720, 0] C:\Program Files\QQ2010\Bin\SystemMsg.dll [(Verified)Tencent, 1, 50, 1720, 0] C:\Program Files\QQ2010\Bin\ConfigCenter.dll [(Verified)Tencent, 1, 50, 1720, 0] 
C:\Program Files\QQ2010\Bin\ChatFrameApp.dll [(Verified)Tencent, 1, 50, 1720, 0] C:\Program Files\QQ2010\Bin\QInterLive.dll [(Verified)Tencent, 1, 50, 1720, 0] C:\Program Files\QQ2010\Bin\GroupApp.dll [(Verified)Tencent, 1, 50, 1720, 0] C:\Program Files\QQ2010\Bin\AppMisc.dll [(Verified)Tencent, 1, 50, 1720, 0] C:\Program Files\QQ2010\Bin\Contacts.dll [(Verified)Tencent, 1, 50, 1720, 0] C:\WINDOWS\system32\msdmo.dll [(Verified)N/A] C:\Program Files\QQ2010\Bin\InformationBox.dll [(Verified)Tencent, 1, 50, 1720, 0] C:\Program Files\QQ2010\Bin\ContactInfoFrame.dll [(Verified)Tencent, 1, 50, 1720, 0] C:\Program Files\QQ2010\Bin\WBlog.dll [(Verified)Tencent, 1, 50, 1720, 0] C:\Program Files\QQ2010\Plugin\com.tencent.taotao\Bin\taotao.dll [(Verified)Tencent, 1, 50, 1720, 0] C:\WINDOWS\system32\Macromed\Flash\Flash10l.ocx [(Verified)Adobe Systems, Inc., 10,1,102,64] C:\Program Files\QQ2010\Plugin\com.tencent.filetransfer\Bin\FileTransfer.dll [(Verified)Tencent, 1, 50, 1720, 0] C:\Program Files\QQ2010\Bin\MsgMgr.dll [(Verified)Tencent, 1, 50, 1720, 0] C:\Program Files\QQ2010\Plugin\com.tencent.today\Bin\Today.dll [(Verified)Tencent, 1, 50, 1720, 0] C:\Program Files\QQ2010\Bin\vqqsdl.dll [(Verified)Tencent, 5, 0, 3, 24] C:\Program Files\QQ2010\Plugin\com.tencent.qqring\Bin\QQRing.dll [(Verified)Tencent, 1, 50, 1720, 0] C:\Program Files\Rising\RAV\RavScrCh.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23.0.0.4] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4] C:\Program Files\QQ2010\Bin\LongCnn.dll [(Verified)Tencent, 1, 50, 1720, 0] C:\Program Files\QQ2010\Bin\CustomFace.dll [(Verified)Tencent, 1, 50, 1720, 0] C:\Program Files\QQ2010\Bin\AddrSearch.dll [(Verified)Tencent, 2, 3, 12, 11] C:\Program Files\QQ2010\Bin\KernelMisc.dll [(Verified)Tencent, 1, 50, 1720, 0] C:\Program Files\QQ2010\Plugin\com.tencent.stock\Bin\Stock.dll [(Verified)Tencent, 1, 50, 1720, 0] 
C:\Program Files\Common Files\PPLiveNetwork\kernel\VAProxyD.dll [(Verified)PPLive Corporation, 2, 0, 0, 14] [PID: 2364 / new] C:\Program Files\QQ2010\Bin\TXPlatform.exe [(Verified)Tencent, 1, 50, 1720, 0] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] C:\Program Files\360\360Safe\safemon\safemon.dll [(Verified)360.cn, 6, 7, 8, 1001] C:\Program Files\QQ2010\Bin\TXPFProxy.dll [(Verified)Tencent, 1, 50, 1720, 0] [PID: 948 / new] C:\Program Files\360\360Safe\LiveUpdate360.exe [(Verified)360.cn, 1, 2, 0, 1031] C:\Program Files\360\360Safe\LiveUpd360.dll [(Verified)360.cn, 1, 2, 0, 1047] C:\WINDOWS\system32\ikutm.dll [(Verified)youku.com, 0, 9, 8, 4] C:\Program Files\360\360Safe\360net.dll [(Verified)奇虎网, 1, 1, 18, 1021] C:\Program Files\360\360Safe\360P2SP.dll [(Verified)360.cn, 1, 3, 0, 1010] [PID: 4088 / new] C:\WINDOWS\system32\conime.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] C:\Program Files\360\360Safe\safemon\safemon.dll [(Verified)360.cn, 6, 7, 8, 1001] C:\Program Files\Common Files\PPLiveNetwork\kernel\VAProxyD.dll [(Verified)PPLive Corporation, 2, 0, 0, 14] [PID: 3536 / new] C:\Program Files\Rising\AntiSpyware\RSTray.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.27] C:\Program Files\Rising\AntiSpyware\rsmginfo.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] C:\Program Files\Rising\AntiSpyware\RsXML.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 2] C:\Program Files\Rising\AntiSpyware\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0] C:\Program Files\Rising\AntiSpyware\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4] C:\Program Files\Rising\AntiSpyware\RegCall.dll [(Verified)Beijing Rising Information 
Technology Co., Ltd., 6, 0, 0, 5] C:\Program Files\Rising\AntiSpyware\ComServ.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.31] C:\Program Files\Rising\AntiSpyware\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6] C:\Program Files\Rising\AntiSpyware\rscommon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.1.1] C:\Program Files\Rising\AntiSpyware\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37] C:\Program Files\Rising\AntiSpyware\pngdll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5] C:\Program Files\Rising\AntiSpyware\runiep.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.54] C:\Program Files\Rising\AntiSpyware\NComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.11] C:\Program Files\Rising\RAV\ProcCom.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20] C:\Program Files\Rising\AntiSpyware\RsCommX2.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20] C:\WINDOWS\system32\ikutm.dll [(Verified)youku.com, 0, 9, 8, 4] [PID: 176 / new] C:\Program Files\Rising\AntiSpyware\knownsvr.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.14] C:\Program Files\Rising\AntiSpyware\NComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.11] C:\Program Files\Rising\AntiSpyware\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37] C:\Program Files\Rising\AntiSpyware\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6] [PID: 796 / Administrator] C:\WINDOWS\system32\cmd.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 2836 / Administrator] C:\WINDOWS\system32\cmd.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 
(xpsp_sp2_rtm.040803-2158)] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 2824 / new] C:\WINDOWS\system32\cmd.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 2812 / new] C:\WINDOWS\system32\cmd.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 1012 / new] C:\Program Files\PPLive\PPTV\PPLive.exe [(Verified)PPLive Corporation, 2, 3, 0, 4] C:\Program Files\PPLive\PPTV\UI.DLL [(Verified)PPLive Corporation, 2, 3, 5, 3611] C:\Program Files\PPLive\PPTV\omng.DLL [(Verified)Copyright 2008, 2, 0, 0, 1] C:\Program Files\PPLive\PPTV\uilib.dll [(Verified)PPLive Corporation, 2, 5, 0, 3618] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] C:\Program Files\360\360Safe\safemon\safemon.dll [(Verified)360.cn, 6, 7, 8, 1001] C:\Program Files\PPLive\PPTV\components\cmdline.dll [(Verified)Copyright 2008, 1, 0, 0, 1] C:\Program Files\Rising\RAV\RavScrCh.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23.0.0.4] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4] C:\Program Files\PPLive\PPTV\components\PPFrame.dll [(Verified)Copyright 2008, 2, 5, 0, 3591] C:\Program Files\PPLive\PPTV\components\NCList.dll [(Verified)Copyright 2009, 2, 6, 0, 3681] C:\Program Files\PPLive\PPTV\sqlite3.dll [(Verified)N/A] C:\WINDOWS\system32\ikutm.dll [(Verified)youku.com, 0, 9, 8, 4] C:\Program Files\PPLive\PPTV\components\IEProxy.dll [(Verified)Copyright 2009, 2, 5, 0, 3215] C:\Program Files\PPLive\PPTV\components\PPOptions.dll [(Verified)Copyright 2009, 2, 4, 2, 3659] C:\Program Files\PPLive\PPTV\plugin\PPlugin.dll 
[(Verified)Copyright 2008, 1, 0, 0, 4] C:\Program Files\PPLive\PPTV\plugin\mframe.dll [(Verified)版权所有 (C) 2008, 2, 5, 0, 3382] C:\Program Files\PPLive\PPTV\ppp.dll [(Verified)Copyright 2008, 2, 5, 0, 3654] C:\Program Files\Common Files\PPLiveNetwork\kernel\VAProxyD.dll [(Verified)PPLive Corporation, 2, 0, 0, 14] C:\Program Files\PPLive\PPTV\components\PPChLocalManager.dll [(Verified)Copyright 2009, 2, 4, 2, 3310] C:\Program Files\Common Files\PPLiveNetwork\player\oplayer.ocx [(Verified)PPLive Corporation, 2, 4, 0, 3359] C:\Program Files\PPLive\PPTV\admodule.dll [(Verified)Copyright 2008, 2, 5, 0, 3845] C:\Program Files\PPLive\PPTV\components\IEBrowser.dll [(Verified)Copyright 2009, 2, 5, 0, 3580] C:\Program Files\PPLive\PPTV\components\chctrl.dll [(Verified)版权所有 (C) 2008, 2, 5, 0, 3676] C:\Program Files\PPLive\PPTV\components\Gallop.dll [(Verified)Copyright 2008, 1, 0, 0, 1] C:\Program Files\PPLive\PPTV\components\filepick.dll [(Verified)PPLive Corporation, 2, 4, 0, 1] C:\Program Files\PPLive\PPTV\components\condisp.dll [(Verified)PPLive Corporation, 2, 4, 0, 1] C:\WINDOWS\system32\Macromed\Flash\Flash10l.ocx [(Verified)Adobe Systems, Inc., 10,1,102,64] C:\Program Files\Common Files\PPLiveNetwork\player\MP4Splitter.ax [Gabest, 1, 1, 0, 0] C:\Program Files\Common Files\PPLiveNetwork\player\CoreAVC.2.0.0.0.ax [CoreCodec, 2.0.0] C:\Program Files\Common Files\PPLiveNetwork\player\VSFilter.dll [(Verified)MPC-HC Team, 1, 3, 3302, 0] C:\Program Files\Common Files\PPLiveNetwork\player\CoreAAC.ax [see the about box :p, 1, 2, 0, 575] C:\Program Files\Common Files\PPLiveNetwork\player\audioswitcher.ax [N/A] C:\WINDOWS\system32\mscoree.dll [Microsoft Corporation, 2.0.50727.832 (QFE.050727-8300)] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorie.dll [Microsoft Corporation, 2.0.50727.832 (QFE.050727-8300)] [PID: 936 / new] C:\Program Files\Common Files\PPLiveNetwork\PPAP.exe [(Verified)PPLive Corporation, 2, 3, 0, 4] C:\Program Files\Common Files\PPLiveNetwork\MngModule.dll 
[(Verified)版权所有 (C) 2006, 2, 6, 0, 3694] C:\Program Files\Common Files\PPLiveNetwork\sqlite3.dll [(Verified)N/A] C:\Program Files\Common Files\PPLiveNetwork\uilib.dll [(Verified)PPLive Corporation, 2, 5, 0, 3361] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] C:\Program Files\360\360Safe\safemon\safemon.dll [(Verified)360.cn, 6, 7, 8, 1001] C:\Program Files\PPLive\PPTV\plugout\client_ap.dll [(Verified)PPTV, 2, 5, 0, 3670] C:\Program Files\Common Files\PPLiveNetwork\kernel\sop.dll [(Verified)PPLive Corporation, 1, 1, 0, 18957] C:\Program Files\Common Files\PPLiveNetwork\kernel\live\live.dll [(Verified)Synacast, 1, 3, 1, 5] C:\Program Files\Common Files\PPLiveNetwork\TipsClient.dll [(Verified)版权所有 (C) 2010, 1, 0, 2, 4] C:\Program Files\Common Files\PPLiveNetwork\kernel\VAProxyD.dll [(Verified)PPLive Corporation, 2, 0, 0, 14] C:\Program Files\Common Files\PPLiveNetwork\kernel\peer.dll [(Verified)Synacast, 1, 5, 5, 4] C:\WINDOWS\system32\ikutm.dll [(Verified)youku.com, 0, 9, 8, 4] C:\Program Files\Common Files\PPLiveNetwork\kernel\FWUpnp.dll [(Verified)N/A] [PID: 5604 / new] F:\windows清理助手\arswp3\ArSwp3.exe [(Verified)Windows 清理助手, 3.1.3.0815] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] C:\Program Files\360\360Safe\safemon\safemon.dll [(Verified)360.cn, 6, 7, 8, 1001] C:\WINDOWS\Ku6Kss.dll [(Verified)酷6网(北京)信息技术有限公司, 2, 0, 0, 1] C:\Program Files\Common Files\PPLiveNetwork\kernel\VAProxyD.dll [(Verified)PPLive Corporation, 2, 0, 0, 14] C:\WINDOWS\system32\ikutm.dll [(Verified)youku.com, 0, 9, 8, 4] C:\Program Files\Rising\RAV\RavScrCh.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23.0.0.4] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4] C:\WINDOWS\system32\Macromed\Flash\Flash10l.ocx [(Verified)Adobe Systems, Inc., 10,1,102,64] 
================================================================
文件关联
[.avi] <"C:\Program Files\Real\RealPlayer\RealPlay.exe" "%1"> [(Verified)RealNetworks, Inc., 12.0.0.879]
[.html] <"C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome> [(Verified)Microsoft Corporation, 7.00.5730.13 (longhorn(wmbla).070711-1130)]
[.wav] <"C:\Program Files\KuGou\KuGou2010\KuGoo.exe" /Open "%1"> [(Verified)酷狗音乐, 6.2.1.484]
[.rat] <"C:\Program Files\QvodPlayer\QvodPlayer.exe" -localfile "%1"> [(Verified)Shenzhen QVOD Technology Co.,Ltd, 3, 5, 0, 64]
[.mod] <"C:\Program Files\QvodPlayer\QvodPlayer.exe" -localfile "%1"> [(Verified)Shenzhen QVOD Technology Co.,Ltd, 3, 5, 0, 64]
================================================================
Autorun.Inf
================================================================
Winsock提供者
[Youku Smart Percieve LSP over MSAFD Tcpip [TCP/IP]] [(Verified)youku.com, 0, 9, 8, 4]
[Youku Smart Percieve LSP over MSAFD Tcpip [UDP/IP]] [(Verified)youku.com, 0, 9, 8, 4]
[Youku Smart Percieve LSP over MSAFD Tcpip [RAW/IP]] [(Verified)youku.com, 0, 9, 8, 4]
[Youku Smart Percieve LSP] [(Verified)youku.com, 0, 9, 8, 4]
================================================================
隐藏进程
================================================================
可疑文件
================================================================
HOSTS
127.0.0.1 localhost
[/CODE]